So, I’m trying to get pangolin up and running.

What I have: Ubuntu server running in proxmox, docker running on that Ubuntu, dynamic IP, duckdns in docker to counter that, domain name

What I did: installed pangolin with the installation script, said yes to crowdsec because it looked like the safest option (over time) even if I don’t know what it is/does, set a CNAME from pangolin.mydomain.com to my.duckdns.org, set a port forward for ports 80 and 443 on TCP and for port 51520 on UDP

What is happening: well, fairly, not much. If I test it from outside the network, I get a connection refused. If I test it locally (in portainer click on the 443 or 80 port) I get page not found

What I want: I want it to just work without a hastle and hope one of you can help me out here, cause I’m starting to lose my mind

  • punkibas@piefed.socialEnglish
    1·
    2 days ago

    Can you port forward to anything else in your network that you know works 100% to check if the problem is something besides Pangolin?

  • irmadlad@lemmy.worldEnglish
    10·
    4 days ago

    Crowdsec is a type of WAF you could say that covers a wide variety of attack scenarios and is fed by community input into the system as well. Very nice package imho. I use it.

    Other than that, I’m watching this thread because I’ve been reading up on Pangolin and it seems to be quite an inclusive package and covers a lot of ground with just one install. It seems to be along the lines of a Caddy/Tailscale scenario, just in one complete go.

  • sem@lemmy.blahaj.zoneEnglish
    7·
    4 days ago

    I was initially very concerned that you were trying to install a 13+ year old version of Ubuntu, 12.04 (Precise Pangolin). Now I just feel old.

    • irmadlad@lemmy.worldEnglish
      4·
      4 days ago

      Precise Pangolin

      Dude! I’ve been sitting here for about an hour trying to find an old 32 bit distro that will run on an old Dell Latitude laptop I have. Well guess what? Precise Pangolin works just like it should. Had to go download the torrent, but all is well. Thanks a bunch mate. You cut down my trial and error time by a bunch because I had a stack of them here to try.

  • aMockTie@lemmy.worldEnglish
    4·
    4 days ago

    According to the docs, you should be using UDP port 51820 (unless you changed the port in the docker compose file).

    You should also check the dynamic config file to be sure that it’s using the correct domain name. See this page: https://docs.fossorial.io/Getting%20Started/Manual%20Install%20Guides/docker-compose

    If you’re still having issues, make sure the containers are running with docker compose stats and check the logs with docker compose logs -f. It might also be worth checking the domain name to be sure that it’s resolving to the correct IP address, both locally and externally.

    • TheOldRepublic@lemmy.worldOPEnglish
      1·
      4 days ago

      Just to clarify. I have 80 and 443 as TCP and 51820 (sorry for the typo) as UDP. I used the automatic installer script. Doesn’t that generate the config files? If not, then probably there lies my problem.

      • aMockTie@lemmy.worldEnglish
        5·
        3 days ago

        As a sanity check, I just completed the same setup that you described (Ubuntu Server 24.04 running in a Proxmox VM, Domain name pointing to a CNAME that points to the Dynamic IP, using the installer script, enabled CrowdSec, etc.), and everything worked out of the box. A couple of things I noticed that would also be worth checking now that I’m more familiar with this specific setup are:

        • In the config/config.yml file, verify that the dashboard_url is set to the FQDN of the full URL (e.g. pangolin.mydomain.com), and that the base_domain is set to the root/apex domain (e.g. mydomain.com).
        • Double check those DNS records. As the haiku goes: it’s not DNS, it couldn’t be DNS, it was DNS. dig pangolin.mydomain.com or dig @1.1.1.1 pangolin.mydomain.com should show the CNAME that points to the A record.
        • A 404 page not found error is normal when connecting to the IP address directly rather than using the domain name. I was successfully able to access the dashboard using the FQDN from a local and external network. Depending on your network, you might want to set up a local DNS record that points to the internal IP address as well (though this should be optional in most cases to my knowledge).

        I hope that helps!

      • aMockTie@lemmy.worldEnglish
        1·
        3 days ago

        The script should take care of that config, but it’s something to check just in case there was a typo or anything else like that.

        Did you check to make sure the DNS records are resolving properly?